MD5加密和密码比较

Question

我已经使用MD5创建了一个密码，那么如何比较使用MD5加密的密码与loopback的登录部分中给出的密码?？

Answer 1

我假设你存储了散列的密码(在你的例子中，它是用MD5函数散列的，但请使用更好的散列，比如SHA-3)：

$ echo mySecurePassword | md5
6b069a261eb584b5706a4a154fa8cdb1
$ echo 'user1:6b069a261eb584b5706a4a154fa8cdb1` >> /etc/my-password-storage

现在来了一个用户，让我们检查一下她是否知道密码：

$ login: user1
password: mysecurePassword
// here your 'login' program takes whatever user provided as a password and hashes it again:
// providedPasswordHash = md5("mysecurePassword") // providedPasswordHash = "a7d16ed9ff6f2185e4e5236e4cfcd3d1" now
// Now your program checks if it is the same as in /etc/my-password-storage for 'user1'
// Aah, it is not: a7d16ed9ff6f2185e4e5236e4cfcd3d1 != 6b069a261eb584b5706a4a154fa8cdb1
// The user forgot to uppercase S in their password
// so you prompt again:
login: user1
password: mySecurePassword
// now she typed correctly: md5(providedPassword)==md5HashStored, i.e. "6b069a261eb584b5706a4a154fa8cdb1"=="6b069a261eb584b5706a4a154fa8cdb1"
// she has successfully authenticated